What could keep you up at night in the new year may not be what you expect — a look at some of the lesser-known threats predicted for 2009
My comments on the four threats.
The Internet e-Bomb
The possibility that attackers take the Internet offline, or even a portion offline, is not new. This particular threat has happened already to some extent, from Yahoo being DOS’d to severed undersea cables (have they all been accidents?). Based on the current attack methodology, the hackers need the Internet to remain solid, available and online just as much as we do. It is unlikely that they will destroy the very network that at this point remains so profitable to them.
Radical Extremist Hackers
Call them script-kiddies if you want. Until they do something drastic, it currently boils down to one annoying defacement after another. And if there’s no publicity associated with it – the ‘shock’ and ‘horror’ associated with terrorist acts diminishes. Unlike an 8yr old exploding with a bomb strapper to his chest, defacing a web page with the words ‘Jews suck’ hardly has the same impact.
So the compromise leads to financial gain, to support the terrorist movement – heck this is old news too. The PLA has been sponsoring this activity for years.
Attacks on Online Revenue (Ads)
We will see an increase in this for 2009 certainly – but the phenomenon is not new. The cynic in me believes that the biggest customer of ad-revenue hacking are the owners of the large ad-supported websites themselves. In this age of ad-blockers, and very little clickthrough activity, who has the most to gain from frauding the online ad-providers?
Worms, hacks and other compromises are not deliberately engineered to result in the loss of life. But if your health and well-being is tied directly to the security of a hospital computer network, then shame on that institution. I’m all for modernizing hospital records and processes – but design it right please.
Okay okay, so it’s easy to criticize anothers work. What do I expect for 2009? Well unfortunately I am not creative enough to come up with 4 new things, not even 1 new thing. I believe in my Corporate Investigative role, I will see an increase in the number of employee related investigations involving fraudulent claims of time-and-attendance as well as side-businesses and other conflicts of interest.